AV/Malware protection - best suite

I currently have a combination of Malwarebytes and Bitdefender Total Security on my 2 machines - MWB is coming up for renewal and I'm wondering if it's still seen as the optimum solution - I have a feeling it's not.

What setup do people have for protection on their Win10 machines these days? It's a couple of years since I did proper research into this.

Thanks in advance.

We seem to have a lot of 'group think' going on here with Windows Defender being recommended as the favorite. (And several people saying it's the ONLY software necessary). Depending on the user and his/her computer usage + internet savviness, I have to seriously question the soundness of that kind of advice. I have a completely different opinion from the hive on this matter because I firmly believe depending on the person's computer usage as well as the user environment, it does play a role in which protection software is appropriate or "the best". (e.g. single owner PC versus a family PC shared by many within the family, etc).

Since you're seeking opinions, I'll offer up my own. ESET's Smart Security is what I have been using for roughly the past 12+ years. I started out using their basic antivirus protection (NOD32) and I liked it so much I upgraded to their all-inclusive suite package. ESET Smart Security has many useful features. So does WinPatrol which I have been using for just as long. Both are extremely light on memory footprint and ESET's malware + A/V detection is amongst the best.

EDIT:

ESET's Smart Security that I like so much has been renamed to Internet Security. Same exact thing. They changed the name because they came out with a slightly different version of Smart Security called "Smart Security Premium" which comes with a built-in password manager and data encryption feature. If these 2 features are not necessary for you, the regular Smart Security is what you should look into. They have a 30-day trial you can download off their website.

It's well known that there's no difference in effectiveness between free and paid options. The paid options exist to make you renew your subscription, the free options usually to either improve the quality/safety of something else (e.g. Windows Defender) or to sell a paid upgrade. The detection engines behind them are unrelated.

There are some less educated individuals who've bought something and realised "shit, this isn't any better but I have to justify myself to avoid feeling a fool" who go ranting about stuff like MBAM-RT, ESET and so forth. They're cool too, the only harm done is a financial one. They're bottled water.

Prevailing wisdom across the technically educated is that you need nothing more than safe habits, a secure browser (so not fucking Firefox) and Windows Defender.

I'm just going to note that ESET (though they are not alone) man-in-the-middles encrypted connections to allow them to inspect such traffic. The implementation is often rife with security holes.

If you want the security blanket of another tool in addition to Defender, Malwarebytes remains a good option.

The option for "Do not scan SSL protocol" is already checked by default so the chances of those kinds of problems described in the blog are nil. The user would have to purposely go into the advanced settings and turn it on.

You'll note that other paid AV products had the same issue - point being that in chasing feature checkboxes, they all introduce security vulnerabilities of their own.

That they thought that particular feature was a good idea in the first place tells me everything I want to know.

That's a bit excessive. Please name me a browser that doesn't have some kind of security flaw.

Point me one (or four) which don't use a plugin model which cannot be secured in any way? Saying "All software has flaws" is no defense for an extremely weak design. All houses get burgled, why bother locking at all? Do you lock your door, knowing all houses get burgled? Why?

XPCOM is a security disaster. It's not possible to argue otherwise. It comprehensively allows attackers an easy, convenient means to bypass all modern security protections, both in browser and in OS. It allows flaws which would be minor annoyances in Chrome or Edge to completely own the browser.

If Firefox were an evil overlord's base, XPCOM would be the convenient, accessible, self-destruct button.

Dude, I don't know about any of that diatribe you just typed. You're going off on a tangent which I have no interest in engaging in. I made my comment above because you said quote "not fucking firefox" as if Firefox is the only browser guilty of having security holes. Why didn't you throw in "fucking Opera" or "fucking Chrome" while you were at it?

Calling out Firefox solely tells me you have a personal dislike of or prejudice against it. Which is completely fine because well you know... everyone has their preferences. Bottom line is that I really don't care which browser you use personally, but throwing out the f-bomb just to describe Firefox is like a weird and excessive hatred that I just don't get. It's quite excessive to say "not fucking firefox" when there are 2 prominent browsers out there that also use plugins.

Mr. Hat seems to have a rather well-established loathing for Firefox. Which I've noticed since I myself prefer Firefox to anything else. His response to any question having to do with web browsers is "Don't use Firefox!", even if the OP wasn't asking that kind of question.

I've read lots of his other posts, and he is obviously a very smart guy and knows a lot about many things that I'll never know, but he does seem to have this thing about Firefox.

Quote:

Calling out Firefox solely tells me you have a personal dislike of or prejudice against it. Which is completely fine because well you know... everyone has their preferences. Bottom line is that I really don't care which browser you use personally, but throwing out the f-bomb just to describe Firefox is like a weird and excessive hatred that I just don't get. It's quite excessive to say "not fucking firefox" when there are 2 prominent browsers out there that also use plugins.

If shitty design is a personal dislike or a prejudice, sure, I'll go there. If Chrome used XPCOM plugins, I'd be pulling it apart too. Or Edge. Or Opera. Or whatever. One of us is using personal and prejudicial arguments here, one of us is stating facts and justification.

As you're not even addressing that, I'm going to assume you don't actually know what you're talking about, but I'll give you the chance anyway.

Do you want to tell us all why Mozilla removed XPCOM in Firefox 57, and why you don't instantly go flocking back to a browser which has been extremely weak before? How's that not locking doors coming along for you? All houses get burgled, so it doesn't matter that yours is open.

I don't understand why you continue railing on about Firefox when you yourself admit that the new version, i.e. the default version that will be installed if I go to Firefox's website today and therefore the version that virtually all of their users will be using going forward (except a tiny minority who won't even amount to a rounding error that wants to cling to the old version, and will likely end up on a forked project, not even Firefox) has ripped out the old insecure system and replaced it with a new, more secure system. They basically did what you asked them to do, and handed it to you on a platter. What more do you want Mozilla to do? Shut down the business and return all the money to the shareholders? Because good luck with that on an open source foundation.

Firefox <57 is old news. This is quite literally

edit: removed funny pic about Abe Simpson due to moderation notice above

MBAM Real Time makes sense for users who are not disciplined enough to run scans with the free version regularly. Which is like almost everyone I end up casually supporting. You want to find out that your computer has become infected when it happens. You don't want to find out weeks or months later, because you noticed your bank account has been drained of all its funds, or all the files on your network have become encrypted with a key that you don't know. And all of you are saying "education and good Internet hygiene are enough to prevent malware", but good luck with that with your average user. We, as the more tech savvy people in their lives, need to put in place more active mitigations, because people never do what you tell them to do so you need to protect them from themselves. For those of you who are IT admin professionals, do you simply install Windows Defender on all your computers, "educate" your users, and call it a day?

The detection engine of MBAM-RT is obviously no better than the detection engine of MBAM Free. Of course. That goes without saying. That's because they are exactly the same product underneath. The value of paying for MBAM-RT isn't that it's any better at finding malware, the value is that I don't have to worry about it, it finds malware on its own without any intervention from me. Even I pay for it, and I'm pretty good about not getting infected. But if you value money more than time, sure, go ahead, scan manually all you want.

Quote:

I don't understand why you continue railing on about Firefox when you yourself admit that the new version, i.e. the default version that will be installed if I go to Firefox's website today and therefore the version that virtually all of their users will be using going forward (except a tiny minority who won't even amount to a rounding error that wants to cling to the old version, and will likely end up on a forked project, not even Firefox) has ripped out the old insecure system and replaced it with a new, more secure system.

There's still progress to be made that hasn't yet been made (e.g. the process isolation model is pretty basic), as well as a poor reputation for being slow to react to security issues. Go back a decade and I was the biggest fan of Firefox you're ever going to see (I have a lot of posts, search them), but it's playing a big catch up game right now, and it's not there yet. Google took everyone off-guard with Chrome and Firefox was by far the slowest to respond.

Dumping XPCOM let Firefox get to the security state Chrome was in when it was launched. That was a looooooong time ago!

A bad rep is hard to shake. I haven't gone back to MS after IE6, despite Edge probably suiting me better than Chrome does. It doesn't need to be a little better - It needs to be convincingly better.

Quote:

For those of you who are IT admin professionals, do you simply install Windows Defender on all your computers, "educate" your users, and call it a day?

Yes. We use MS SCCM to manage the thing (as well as software packages) and we send out company-wide (this is 17,000 users) security alerts, which are proofread by technical specialists (I'm one of them) across all the major IT functions. We maintain around seventy honeypots, a mixture of internet-facing servers, email accounts looking really important (inc. the CEO's name) and client machines to guide us in when we should probably remind users that they should pay attention.

Servers use, right now, a mixture of Sophos and McAfee (w/ePO), but that's changing.

Quote:

The detection engine of MBAM-RT is obviously no better than the detection engine of MBAM Free. Of course. That goes without saying. That's because they are exactly the same product underneath. The value of paying for MBAM-RT isn't that it's any better at finding malware, the value is that I don't have to worry about it, it finds malware on its own without any intervention from me. Even I pay for it, and I'm pretty good about not getting infected. But if you value money more than time, sure, go ahead, scan manually all you want.

I still pay for MBAM-RT - I probably shouldn't, because it isn't actually better than Windows Defender - because of how many useful free utilities Malwarebytes produces and for the longest time, it was the only thing which could actually REMOVE a rootkit instead of just detecting it. The Win7 VMs and physical boxes I have around get MBAM-RT, everything Windows 10 doesn't. When I'm wholly Windows 10, MB will probably stop getting my money.

Thanks for the info, I'll keep with the MBAM for the real time checking, but ditch BitDefender in favour of Windows Defender when that comes up to renew. I'm not sure where the wisdom of the crowds ended up on the browser question, so I'll stick with Chrome for now.